Table of Contents
Advertisement
Volume Write Protection
•
When "Volume Write Protection" is enabled on the "Create Volume Set", host commands fail if
they are issued to a volume in that RAID controller and attempt to modify a volume's data or
attributes. Volume Write Protection is used primarily for customer-initiated disaster recovery
testing.
Full Volume Encryption
•
The RAID adapters have featured with controller based hardware encryption function.
Controller based hardware encryption describes the encryption of data occurring at the disk
array controller before being sent to the disk drives. Since RAID controller is a natural central
point of all data therefore encryption at this level is inherent and also reduces deployment
complexity. The RAID controller has dedicated electronic circuitry for the cryptographic engine
embedded in the ROC and operating at full channel speeds. The hardware encryption does not
impact the performance of RAID controller and can implement on any kinds of HDD that is
transparent to the user, the OS, and applications.
Encrypting your volume can give your data an extra layer of protection beyond setting up a
controller password. Encryption will conceal your volume's data and make accessing the files
almost impossible for anyone who does not know your encryption key. Data saved in the
volume will be hidden by algorithm developed by Sans Digital. With this scramble process, no
one can see and access into the hidden volume data without access key. The RAID adapters
support 128- and 256-bit encryption keys using AES (a key size of 128, or 256 bits), or password
(a variable key size). Each encryption key size causes the algorithm to behave slightly differently,
so the increasing key sizes not only offer a larger number of bits with which you can scramble
the data, but also increase the complexity of the cipher algorithm. The RAID adapters provide
five new key options in the 'Full Volume Encryption:"Disable', "256Bit key, Password", "256Bit
key, AES", "128Bit key, Password", "128Bit key, AES". You can generate the new key by CLI
utility or API code function.
This volume encryption function can only work with RAID adapter with any kinds of HDD. You
can follow below steps to enable the function.
1. Create volume set with "Full Volume Encryption" capability in the web management.
2. Use CLI "vsf genkey" command or API code to generate key file.
3. Use "Download Volume Key File" in the web management or use CLI "vsf dlkey"
command to download volume key file into firmware and unlock the volume.
4. Follow step 3. to unlock volume if volume locked.
Tagged Command Queuing
•
The "Enabled" option is useful for enhancing overall system performance under multi-tasking
operating systems. The Command Tag (Drive Channel) function controls the SAS command tag
queuing support for each drive channel. This function should normally remain "Enabled".
77
Advertisement
Table of Contents
